Bundle org.nuxeo.usermapper
Documentation
- 
            README.mdnuxeo-usermapperPrinciplesUse casesWe currently have several places where we need to Create/Update a Nuxeo User (and possibly groups) from data provided by an external system. This can typically be : - an Authentication plugin that handles Just In Time user provisioning
- Shibboleth
- SAML
- OpenId
- Jboss Keycloak
 
- a provisioning API like SCIM
 The goal of this module is double : - avoid duplicated code in several modules
- make the mapping pluggable
 UserMapper ServiceConfigurable mappingOf course, we need the mapping to be configurable, but unfortunately, the source object is different depending on the source : SAML user, Shibboleth user, SCIM user. Ideally, we would like to rely on a key value system (i.e. see user and group as a Map) with simple mapping, but : - SCIM Model is more complex than simple Key/Value
- some time we need to compute some attributes (like : FullName = FirstName + LastName)
 For this reason, the mapping can be contributed : - as a Java Class
- as Groovy Scriptlets
- as JavaScript
 2 Ways mappingAt least for SCIM use cases, the Service needs to handle 2 ways : NuxeoPrincipal getOrCreateAndUpdateNuxeoPrincipal(Object userObject, boolean createIfNeeded, boolean update, Map<String, Serializable> params);This API will be used to create / update a Nuxeo Principal based on SCIM user object. Object wrapNuxeoPrincipal(NuxeoPrincipal principal, Object nativePrincipal, Map<String, Serializable> params);Get the SCIM representation of a Nuxeo User. Contributing new mappingThe component expose a mapperextension point that can be used to contribute new mappers.Using plain Java Code : <mapper name="javaDummy" class="org.nuxeo.usermapper.test.dummy.DummyUserMapper"> <parameters> <param name="param1">value1</param> </parameters> </mapper>Using Groovy Scriptlet : <mapper name="scim" type="groovy"> <mapperScript> <![CDATA[ import org.nuxeo.ecm.platform.usermanager.UserManager; import org.nuxeo.runtime.api.Framework; UserManager um = Framework.getService(UserManager.class); String userId = userObject.getId(); if (userId == null || userId.isEmpty()) { userId = userObject.getUserName(); } ... ]]> </mapperScript> <wrapperScript> <![CDATA[ import org.nuxeo.ecm.core.api.DocumentModel; import org.nuxeo.ecm.core.api.NuxeoException; import org.nuxeo.ecm.platform.usermanager.UserManager; import org.nuxeo.runtime.api.Framework; UserManager um = Framework.getService(UserManager.class); DocumentModel userModel = nuxeoPrincipal.getModel(); ... ]]> </wrapperScript> </mapper>Using JavaScript : <mapper name="jsDummy" type="js"> <mapperScript> searchAttributes.put("username", userObject.login); userAttributes.put("firstName", userObject.name.firstName); userAttributes.put("lastName", userObject.name.lastName); profileAttributes.put("userprofile:phonenumber", "555.666.7777"); </mapperScript> </mapper>mapperScript In the script context for mapping userObject to NuxeoPrincipal (i.e. mapperScripttag corresponding to thegetOrCreateAndUpdateNuxeoPrincipal)- userObject : represent the object passed to the
- searchAttributes : is the Map<String, String> that will be used to search the NuxeoPrincipal
- userAttributes : is the Map<String, String> that will be used to create/update the NuxeoPrincipal
- profileAttribute : is the Map<String, String> that will be used to update the user's profile
 wrapperScript In the script context for wrapping a NuxeoPrincipal into a userObject (i.e. wrapperScripttag corresponding to thewrapNuxeoPrincipalmethod) :- userObject : represent the userObject as initialized by the caller code
- nuxeoPrincipal : is the principal to wrap
- params : is the Map<String, Serializable> passed by the caller
 Building / InstallBuild : mvn clean install
- an Authentication plugin that handles Just In Time user provisioning
Resolution Order
You can influence this order by adding "require" tags in the component declaration, to make sure it is resolved after another component. It will also impact the order in which contributions are registered on their target extension point (see "Registration Order" on contributions).
Components
Packages
Maven Artifact
| File | nuxeo-usermapper-2023.16.12.jar | 
|---|---|
| Group Id | org.nuxeo.ecm.platform | 
| Artifact Id | nuxeo-usermapper | 
| Version | 2023.16.12 | 
Manifest
Manifest-Version: 1.0
Archiver-Version: Plexus Archiver
Created-By: Apache Maven 3.9.6
Built-By: root
Build-Jdk: 17.0.11
Bundle-ManifestVersion: 2
Bundle-Version: 2023.16.12-t20240807-050905
Bundle-Vendor: Nuxeo
Bundle-ActivationPolicy: lazy
Bundle-ClassPath: .
Bundle-Name: org.nuxeo.usermapper
Nuxeo-Component: OSGI-INF/usermapper-service.xml
Bundle-SymbolicName: org.nuxeo.usermapper
Exports
- Json Export Default Json serialization
- Json Graph Json dependency graph
- Json Contribution Stats Json statistics for contributions
- CSV Contribution Stats CSV statistics for contributions
Charts
- 
  Raw Data: Json Contribution Stats